NSX Cloud Overview

FEATURES

Multi-Cloud, Multi-Site Networking and Security

NSX Cloud brings networking and security capabilities to endpoints across multiple clouds. By integrating with NSX Data Center, it enables networking and security management across clouds and data center sites.

Micro-Segmentation

NSX Cloud provides control over East-West traffic between application workloads running natively in public clouds.

Security Groups

Security groups and rules can be defined based on rich policy constructs, such as instance name, OS type, AMI ID, and user-defined tags.

Dynamic Policy

Security policy is automatically applied and enforced based on instance attributes and user-defined tags. Policies automatically follow instances when they are moved within and across clouds.

Quarantine Instances

You can quarantine rogue and compromised workloads that are running in the public cloud without micro-segmentation security. Quarantined instances are prevented from communicating on the cloud network.

Distributed Architecture

A distributed firewalling architecture eliminates additional network hops and traffic because policies are enforced at the virtual network interface of each instance, rather than routed through an external firewall.

Edge Firewalling

Stateful firewalling filters North-South traffic flowing between instances in virtual networks and the public Internet.

RESTful API

RESTful API and automation tools help to programmatically provision and configure networking and security infrastructure on-demand.

Templating

Use existing automation and orchestration tools to create standardized application templates, and simplify provisioning and management of networking and security services across public clouds.

East-West Traffic Visibility

Use existing Day 2 operations tools to gain visibility into East-West traffic within and across virtual private clouds.

Security Logging

Gain real-time visibility and auditing of security events such as allows/denies and quarantine incidents. Send security event information to a Syslog or SIEM server.